CVE-2015-7660

Adobe AIR SDK Compiler Use-After-Free Vulnerabilities

Credit:
The information has been provided by Bilou working with HP's Zero Day Initiative, Natalie Silvanovich of Google Project Zero, Kenneth Fitch and Aaron Lamb of Endgame and Anonymous working with HP's Zero Day Initiative..

Vulnerable Systems:
* Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241

Adobe Flash Player and AIR are prone to multiple remote code-execution vulnerabilities because of a use-after-free error. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition.